Method for checking user access
First Claim
1. A method for checking the access of a user operating a first computer system controlled by a first security system to software and/or data on a second computer system controlled by a second security system comprising the following steps:
- a) transmitting a user-id from said first computer system to said second computer system and a challenge from said second computer system to said first computer system,b) transmitting said user-id and said challenge from said first computer system to said first security system,c) transmitting said user-id from said second computer system to a trusted agent and from said trusted agent to said second security system,d) transmitting a shared secret, which is registered in said first security system and in said second security system, from said second security system to said trusted agent and from said trusted agent to said second computer system,e) calculating in said first security system a first response using said shared secret,f) calculating in an access control unit of said second computer system, which access control unit is able to apply the rules of the first security system to calculate a response to a challenge, a second response to said challenge using said shared secret,g) transmitting said first response from said first security system to said first computer system, andh) transmitting said first response from said first computer system to said second computer system and comparing said first response and said second response in the second computer system in order to complete the access check of said user.
1 Assignment
0 Petitions
Accused Products
Abstract
A trusted agent for enabling the check of the access of a user operating a first computer system controlled by a first security system to software and/or data on a second computer system controlled by a second security system. The trusted agent includes several functions, including: (a) reception of a user-id for the second computer system and transmission of the user-id to the second security system; (b) retrieval of a shared secret, which is registered in the fist security system and in the second security system, from the second security system; and (3) transmission of the shared secret from the trusted agent to the second computer system.
-
Citations
13 Claims
-
1. A method for checking the access of a user operating a first computer system controlled by a first security system to software and/or data on a second computer system controlled by a second security system comprising the following steps:
-
a) transmitting a user-id from said first computer system to said second computer system and a challenge from said second computer system to said first computer system, b) transmitting said user-id and said challenge from said first computer system to said first security system, c) transmitting said user-id from said second computer system to a trusted agent and from said trusted agent to said second security system, d) transmitting a shared secret, which is registered in said first security system and in said second security system, from said second security system to said trusted agent and from said trusted agent to said second computer system, e) calculating in said first security system a first response using said shared secret, f) calculating in an access control unit of said second computer system, which access control unit is able to apply the rules of the first security system to calculate a response to a challenge, a second response to said challenge using said shared secret, g) transmitting said first response from said first security system to said first computer system, and h) transmitting said first response from said first computer system to said second computer system and comparing said first response and said second response in the second computer system in order to complete the access check of said user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
Specification